Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240704-en, locale:en-us, os:windows7-x64, system
  • submitted
    25/08/2024, 07:04

General

  • Target

    c033fa0f5158ed4cbd839b6655ba5e84_JaffaCakes118.html

  • Size

    23KB

  • MD5

    c033fa0f5158ed4cbd839b6655ba5e84

  • SHA1

    5281c40f8a8710f87857beb93de3701df2378aa9

  • SHA256

    24993c820814aa52e53573c183690969223ac8ba3b59fa02b73f8f2fb5ec247e

  • SHA512

    5d9b772de447e889eaff739ec4ec47f1491c22cce03d3128b4a769368a4e704a6a6eb82905c2188065fce2e4a186671149fe88ad36a254a50278466ef2f19f17

  • SSDEEP

    192:uWbsb5n1SjcnQjxn5Q/VnQiegNnMXInQOkEntbHnQTbnpnQ6CnQtawMBAqnYnQ7r:dQ/2Qx

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c033fa0f5158ed4cbd839b6655ba5e84_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2096
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2096 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2856

Network

        MITRE ATT&CK Enterprise v15

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          304B

          MD5

          6970c87fa8be215bbc5814e9f809b9ce

          SHA1

          b86fcf9ab444e29e8331fe36ff27386ebf8f21ef

          SHA256

          7439475b6a5ad189c57a95c49e86c080475899969efe7878b30dec11ceecf3e1

          SHA512

          ead690253575c3d0f6eaae2711a6ee719ea62cca75ffecf975c99a36130a8fcb6ee8c8f9a34fac6fd1a9a1152a4a1fc5ccc2da6bc4293a5ee4aed76542a57116

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          304B

          MD5

          e42b78a5e03c445583f287b7feaa290a

          SHA1

          0b1dae0911deb9064eb6cd122aff3b22875dae35

          SHA256

          ccfb57bcea87fde26d030364d22bb33566d8c09050c7ab0c5a939547708210c0

          SHA512

          59869426287830f62ef39952e0374acacf7a11e6c2ae16115ee246abd311a5bb305393f967142964668d8dd241b28843e0a02f878c46c5ce736051d9bd42a07e

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          304B

          MD5

          84f2c376844fa2ebeeededba21b52473

          SHA1

          d6ee0cbb77db0c4acad96978fd5144b1635f478c

          SHA256

          999087c8830a1c24db8d5f8089b01ec963d96c2a3b51814efea50747722a5b2f

          SHA512

          2c5a305f8feed217e39699cf63dba641866ac936472f400a5aa8a3cf56ddb22d46f5822f759d00ba4f977f54dcafe3546eba0915f1c1f53e34607b4052c97ed3

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          304B

          MD5

          e86f365beea540ef8549f7b65dc8eb25

          SHA1

          957d4c47a74e10608ddad919e3ec516281ef3eeb

          SHA256

          324027c366f63e4698077f4b0119baa1c5f0afe35161e9a9a64535681460d07d

          SHA512

          eb66addaf04cf32cd05b57d22d8224c94681796dbb8d83d61930bc7fbe6d868ead85a449302f142cff75a6eda3b55f94f496290e46b17516aa5b8dd659bf0cc5

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          304B

          MD5

          8279c16eaacf3ad7ad6c2d909b4c8cb8

          SHA1

          a7a972afb9c994f35e633d7724d8be80e19adfb1

          SHA256

          827438c80ca17426ae22f6cf0913a4523b5ce0cef9c1f13e8829755cea537695

          SHA512

          3e5df0c9701cfa5672f43b60cf44c25e16632cb70827d644cc52f43ab28b91b18860f0c9bf4376952ee7e3ace41fb955c3ba80e5c57c56d2ede605f21b934b28

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          304B

          MD5

          83630a9f25f049c0cf817135de4b21b5

          SHA1

          5f824c64d37a917abbcf0b4d64a6418be90de29e

          SHA256

          4e217695ad2fb4ca2160b54e7d7c1fc36a5e4b11e4cbe208b82b3be107b3d643

          SHA512

          66d300596995a32e7d462d74d758b11d18a1e9665bf8486800da8b0968b10f5fce5d14f7f1a1f5a432d9117ca9e4ba762b9f5df2d7f0c49b5f02a760cf6a930f

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          304B

          MD5

          54c8ddcd485f257e903714a1efce6dc3

          SHA1

          f95849ff7908ae47761a7517accabf7b1f62ffed

          SHA256

          4232f63344cac00be6a3a437a60b1d7c44ff6ed70ec29716f5cdde09bfc93616

          SHA512

          2505096daafe420308254d6644137b113a691fb9221daee15d706498d2ee298c842ea12a6b92c0406ab96ce65275b9961f013442f708a302d03b3429db2f14a7

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          304B

          MD5

          aeecad1d455f69869e57ede7f2287c51

          SHA1

          a0820ec206e0a37096f024ca6697a39982d68fdf

          SHA256

          95b413b5584d574a65a9daff0d925877b41151d20cad2cdd58c23491e020e58d

          SHA512

          6f6f4ba3ac5a417ac0e7e044bfcd5af4eb7c91cfd2b56f67dfa3f4a7f70abf54cff8eca0b1ddebd48bfcc32cf8313bb9c51c6be62450dd52b7252d2d328f0863

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          304B

          MD5

          e935ebd80b23041ebc96a3b484c95047

          SHA1

          bba99a9d18c538b7023eb89be76f91e32fd33288

          SHA256

          926d8acdca568c997512baba16a40864237afa3fb22f66de66f87515f7580fee

          SHA512

          44c22ce09bc039562bd228efe104139e9822b71a0a97abc8ff5d8fdae822a950a2ede513512cebb649f58bfa813b6919e318f0562c717def24c3e85eae278352

        • C:\Users\Admin\AppData\Local\Temp\Cab81A0.tmp

          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

        • C:\Users\Admin\AppData\Local\Temp\Tar825E.tmp

          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b